SEC401: Security Essentials Bootcamp Style

About the course


Cert: GSEC GIAC Security Essentials

SEC401: Security Essentials Bootcamp Style is focused on providing you the essential information security skills and techniques you need to protect and secure your organization's critical information and technology assets. SEC401 will show you how to apply the knowledge you gain, forming it into a winning defensive strategy in the terms of the modern adversary. This is how we fight; this is how we win!

What You Will Learn
This course will show you the most effective steps to prevent attacks and detect adversaries with actionable techniques that can be used as soon as you get back to work. You'll learn tips and tricks designed to help you win the battle against the wide range of cyber adversaries that want to harm your environment.

Is SEC401: Security Essentials Bootcamp Style the right course for you?

STOP and ask yourself the following questions:

  • Do you fully understand why some organizations become compromised and others do not?
  • If there were compromised systems on your network, are you confident that you would be able to find them?
  • Do you know the effectiveness of each security device and are you certain that they are all configured correctly?
  • Are proper security metrics set up and communicated to your executives to drive security decisions?

SEC401 provides you with the information security knowledge needed to help you answer these questions for your environment, delivered in a bootcamp-style format reinforced with hands-on labs.

Test your security knowledge with our free SANS Security Essentials Assessment Test.

You will learn:

  • To develop effective security metrics that provide a focused playbook that the IT department can implement, auditors can validate, and executives can understand
  • To analyze the risk to your environment in order to drive the creation of a security roadmap that focuses on the right areas of security
  • Practical tips and tricks that focus on addressing high-priority security problems within your organization and doing the right things that lead to security solutions that work
  • Why some organizations win and why some lose when it comes to security and, most importantly, how to be on the winning side
  • The core areas of security and how to create a security program that is built on a foundation of Detection, Response, and Prevention


With the rise in advanced persistent threats, it is inevitable that organizations will be targeted. Defending against attacks is an ongoing challenge, with new threats emerging all the time, including the next generation of threats. In order to be successful in defending an environment, organizations need to understand what really works in cybersecurity. What has worked ... and will always work ... is taking a risk-based approach to cyber defense. Before your organization spends a dollar of its IT budget or allocates any resources or time to anything in the name of cybersecurity, three questions must be answered:

  1. What is the risk?
  2. Is it the highest priority risk?
  3. What is the most cost-effective way to reduce the risk?

All in all, however, organizations are going to be targeted AND broken into. Today, more than ever before, TIMELY detection and TIMELY response are critical. Once an adversary is inside the environment, damage will occur. In the near future, the key question in information security will become, "How quickly can we detect, respond, and remediate an adversary?" As counterintuitive as it may seem, it needs to be stated that you CANNOT secure what you don't know you have. Security is all about making sure you focus on the right areas of defense (especially as applied to the uniqueness of YOUR organization). In SEC401 you will learn the language and underlying workings of computer and information security, and how best to apply it to your unique needs. You will gain the essential and effective security knowledge you will need if you are given the responsibility to secure systems and/or organizations. This course meets both of the key promises SANS makes to our students: (1) You will learn up-to-the-minute skills that you can put into practice immediately upon returning to work; and (2) You will be taught by the best security professionals in the industry.

You Will Be Able To

  • Apply what you learn directly to your job when you go back to work
  • Design and build a network architecture using VLANs, NAC, and 802.1x based on advanced persistent threat indicators of compromise
  • Run Windows command line tools to analyze a system looking for high-risk items
  • Utilize Linux command line tools and basic scripting to automate the running of programs to perform continuous monitoring of systems
  • Create an effective policy that can be enforced within an organization and design a checklist to validate security and create metrics to tie into training and awareness
  • Identify visible weaknesses of a system using various tools and, once vulnerabilities are discovered, configure the system to be more secure
  • Build a network visibility map that can be used for hardening of a network - validating the attack surface and determining the best methodology to reduce the attack surface through hardening and patching
  • Sniff network communication protocols to determine the content of network communication (including unprotected access credentials), using tools such as tcpdump and Wireshark.

Hands-On Training

SEC401 is an interactive hands-on training course. The following are only a few of the lab activities that students will carry out:

  • Set up a virtual lab environment
  • Carry out tcpdump network analysis
  • Use Wireshark to decode network traffic
  • Crack passwords
  • Use hashing to preserve digital evidence
  • Analyze networks with hping3 and Nmap
  • Use steganography tools
  • Secure and audit a Windows system against a template

What You Will Receive

  • Course books with labs
  • USB
  • TCP/IP and tcpdump Reference Guide
  • IPv6 Pocket Guide
  • MP3 audio files of the complete course lecture


This course prepares you for the GSEC certification that meets the requirement of the DoD 8570 IAT Level 2.

Syllabus (46 CPEs)

SEC401.1: Network Security Essentials

SEC401.2: Defense-in-Depth

SEC401.3: Vulnerability Management and Response

SEC401.4: Data Security Technologies

SEC401.5: Windows Security

SEC401.6: Linux, Mac and Smartphone Security

GIAC Security Essentials
The GIAC Security Essentials (GSEC) certification validates a practitioner’s knowledge of information security beyond simple terminology and concepts. GSEC certification holders are demonstrating that they are qualified for hands-on IT systems roles with respect to security tasks. 

  • Active defense, defense in depth, access control & password management
  • Cryptography: basic concepts, algorithms and deployment, and application
  • Defensible network architecture, networking & protocols, and network security
  • Incident handling & response, vulnerability scanning and penetration testing
  • Linux security: structure, permissions, & access; hardening & securing; monitoring & attack detection; & security utilities
  • Security policy, contingency plans, critical controls and IT risk management
  • Web communication security, virtualization and cloud security, and endpoint security
  • Windows: access controls, automation, auditing, forensics, security infrastructure, & securing network services

SEC401: Security Essentials Bootcamp Style covers all of the core areas of security and assumes a basic understanding of technology, networks, and security. For those who are new to the field and have no background knowledge, SEC301: Introduction to Cyber Security would be the recommended starting point. While SEC301 is not a prerequisite for SEC401, it will provide the introductory knowledge to help maximize the experience with SEC401.

Who Should Attend SEC401?

Anyone who works in security, is interested in security, or has to understand security should take this course, including:

  • Security professionals who want to fill the gaps in their understanding of technical information security
  • Managers who want to understand information security beyond simple terminology and concepts
  • Operations personnel who do not have security as their primary job function but need an understanding of security to be effective
  • IT engineers and supervisors who need to know how to build a defensible network against attacks
  • Administrators responsible for building and maintaining systems that are being targeted by attackers
  • Forensic analysts, penetration testers, and auditors who need a solid foundation of security principles so they can be as effective as possible at their jobs
  • Anyone new to information security with some background in information systems and networking

"SEC401 should be a prerequisite for anyone involved in the security space. This course has contextualized my work on security strategy with more technical details of security features at the device and network levels, as well as in web and remote environments." - Aaron Ach, Good Harbor Security Risk Management




Start date     Location / delivery
01 Nov 2021    Online
07 Nov 2021    Online
13 Nov 2021    Online
15 Nov 2021    Online
06 Dec 2021    Online
